/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package Control;

import Model.DAO;
import Model.User;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 *
 * @author hung
 */
public class ChangePasswordServlet extends HttpServlet {

    /** 
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        HttpSession session = request.getSession();
        response.setContentType("text/html;charset=UTF-8");

        String url = "";

        String pass = request.getParameter("pass");
        String newpass = request.getParameter("newpass");
        String newpass2 = request.getParameter("newpass2");
        User user = (User) session.getAttribute("user");
        if (user.getPassword().equals(pass)) {
            if (newpass.equals(newpass2)) {
                try {
                    Connection con = DAO.getConnection();
                    String sql = "update user set password = ? where username = ?";
                    PreparedStatement state = con.prepareStatement(sql);
                    state.setString(1, newpass);
                    state.setString(2, user.getUsername());
                    state.execute();
                    con.close();
                } catch (SQLException ex) {
                    Logger.getLogger(ChangePasswordServlet.class.getName()).log(Level.SEVERE, null, ex);
                }

                url = "/thanks.jsp";
                request.setAttribute("thanks", "Thay đổi mật khẩu thành công!");

            } else {
                url="/changepassword.jsp";
                request.setAttribute("error", "Mật khẩu không trùng");
            }
        } else {
             url="/changepassword.jsp";
             request.setAttribute("error", "Mật khẩu cũ không đúng");

        }

        RequestDispatcher dis = getServletContext().getRequestDispatcher(url);
        dis.forward(request, response);

    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /** 
     * Handles the HTTP <code>GET</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Returns a short description of the servlet.
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>
}
